The power of the NSA blew my mind, I just can't believe how an agency like this has such so sophisticated tools and technology to use it. Yet they had not stop a single terrorist of blowing their target.

The power of the NSA blew my mind, I just can't believe how an agency like this has such so sophisticated tools and technology to use it. Yet they had not stopped a single terrorist of blowing up their target.

I had to chuckle a bit, when I read about the Huawei injection. Obviously the government knew what they did, when they blocked Huawei from official contracts. They knew those products were vulnerable because the NSA did it! Five years ago!

It's not like this comes as a surprise, as such (as with the initial revelations, you always suspected SOMETHING like this could be going on) but to see it confirmed, and to get a sense of the breadth of it all...

Seriously, it's enough to make me profoundly reevaluate the role of technology in my life.

This is bad. I guess I need to rethink my stance on companies like Cisco blaming the NSA revelations on their declining sales overseas. I thought it was largely overstated -- at least at this early stage -- but now? How could any foreign corporation feel comfortable purchasing technology from a U.S. vendor? Whether these vendors are cooperating directly with the NSA or not doesn't seem to matter anymore.

Be careful with the claim that these documents came from Snowden. Spiegel explicitly does not source any of these documents to Edward Snowden, which raises the possibility of another leaker. See also this twitter exchange on the subject.

Be careful with the claim that these documents came from Snowden. Spiegel explicitly does not source any of these documents to Edward Snowden, which raises the possibility of another leaker. See also this twitter exchange on the subject.

I hope there is. I'd like nothing better than for Snowden to inspire others to uphold the constitution.

See, this sort of targeted surveillance is the kind of thing I'd expect the NSA/GCHQ/et al to be developing. It's the mass dragnet capture of data that is objectionable, both on grounds of the obvious human rights abuse, and of it being a large expense that has - with all evidence available thus far - produced absolutely no results.

I hope, one way or the other, this is going to get the attention of the Honey Boo-Boo and NFL crowd. We need them paying attention to see what is going on if there's going to be any change of any kind.

(Disclosure: written on a government computer at work, so I have to say this part yay go me.)

An implanted wireless device is the NSA’s go-to approach for dealing with “air-gapped” networks—networks that don’t have an Internet connection for security reasons.

Sometime in the past I was responsible for signing off on situations such as described in the quote. Not only were the networks not allowed to have an 'Internet connection' but the possibility of inadvertently having one was removed as well. Anyone with a bit of tech knowledge can disable a gateway many different ways, but we had to lock things down enough that someone couldn't accidentally do so much as plug in a cable to a live network (physically lock down access, physically disable radios, lock down IPs and subnets so as to be unusable the general LAN if by some means someone had a 100' Cat5e cable and zero common sense, on and on...).

Radios in the USB cables? That really got me there. It's not something you can readily look for without an RF Spectrum Analylizer and jumping through so many hoops as to be impracticable and wasting countless manhours. Clever scary that. While signing off on that is not part of my job at the moment, I'm really not sure how to handle that now in good conscious after these revelations.

Next time you wonder why your OS sucks so much, remember this article. The guys who sit around dreaming up this stuff are usually fairly high up on the class ranking and could have really improved the world. Instead they fight "terrorism" just like many of the best and brightest fought "communism" in the 1960s and 1970s.

I once worked with a guy who always talked about how he worked in a Faraday cage when he worked for one of the big government contractors, I don't remember which one. I always thought it was a little overboard, but seeing this now, seems like they probably knew about some of these things and had the right idea.

Something few people talk about regarding those hacks is how many bugs are introduced by them ?How many crashes, dead mobos did we suffer just because of those spooks ?Can we sue them for tampering with private equipment ?

Isn't anyone pleased the NSA made this stuff? It's their job, and they're doing it damn well. And this is further proof Snowden wasn't motivated by a personal issue wiith uncostitutional mass surveillance - he plainly wanted to blow as big a hole in western intelligence capabilities as possible. He absolutely deserves to hang for this.

I hope, one way or the other, this is going to get the attention of the Honey Boo-Boo and NFL crowd.

The question is, will they care? If something doesn't immediately and obviously infringe on someone's lifestyle then it's a non-issue to them.

This is why we have such ineffectual (and in some cases idiotic) representatives in government. It's all too abstract for some people to really comprehend, so they rely on their gut instincts or simply don't care to engage at all.

Btw, everyone's happy with the Russians, Chinese (etc) all doing this too right? Because unlike the US gubmint, which clearly hates its own citizens, the KGB thugs and the chicoms clearly have your best interests at heart....

I once worked with a guy who always talked about how he worked in a Faraday cage when he worked for one of the big government contractors, I don't remember which one. I always thought it was a little overboard, but seeing this now, seems like they probably knew about some of these things and had the right idea.

TEMPEST shielding and other techniques have been around for decades, but it seems that most people have forgotten all about it. What worries me the most is the widespread embrace of wireless networking for everything these days.

And yes, this does give a modicum of credibility to the tinfoil advocates.

Why does everyone assume this has produced no results? Do you think they would announce every single busted up attempt at our country? If you didn't know about any of this, why would you assume you would know about any of the other?

Btw, everyone's happy with the Russians, Chinese (etc) all doing this too right? Because unlike the US gubmint, which clearly hates its own citizens, the KGB thugs and the chicoms clearly have your best interests at heart....

Nah, obviously the devil you know is better than the one you don't. Especially as the Russian & Chinese devils are worse than the American ones. But at the end of the day, they're all still devils.

For example, one collection of BIOS hacks called the “MONTANA” family (SCHOOLMONTANA, SIERRAMONTANA, and STUCCOMONTANA), was designed to target Juniper Networks routers using the JUNOS operating system—a FreeBSD derivative.

It's not like this comes as a surprise, as such (as with the initial revelations, you always suspected SOMETHING like this could be going on) but to see it confirmed, and to get a sense of the breadth of it all...

Seriously, it's enough to make me profoundly reevaluate the role of technology in my life.

Why re-evaluate technology? Why not re-evaluate the nation-state?

It's pretty clear to me that this is either the last gasp or the latest and greatest triumph of the nationalist stooges of all states.

Why does everyone assume this has produced no results? Do you think they would announce every single busted up attempt at our country? If you didn't know about any of this, why would you assume you would know about any of the other?

I don't think anyone is asking for every single bust related to the metadata sweep. But just one credible report -- once that demonstrates the information obtained could NOT have been obtained, for whatever reason, by getting a warrant -- would be nice.

Well folks, unless you think a dystopian future of 1984 surveillance is a sustainable and productive future for humanity, it looks like We The Peons need to burn these motherfuckers down. I'm not just talking NSA, I'm talking ALL of them. They won't stop this shit until we physically destroy the means.

Seriously, corruption will be the end of our species if we can't get a fucking handle on the difference between productive and counterproductive activities, which can also be generalized as growing/making things, versus preying on each other. Replacing fossil fuel energy would be a good example of a productive human project with a high sustainability value.

I'm really curious when this is going to stop being a "down the line issue". Though not always directly down party lines, this Snowden business has polarized the American people in a way that only abortion and welfare debates have before.

At what point does it stop being about what Snowden should have done, or how he took an oath and broke it, about how he betrayed his country, etc, etc, and when does it start being about how far reaching and massive all of these revelations have been? When do we start addressing that the kinds of things we saw in the original Bourne trilogy, the things that I confidently told non-tech friends and family could "never happen, ever", are happening now?

Well, for some, never. Because there are some people that think our government knows best and it's okay for them to keep some information from us in the interest of fighting the "T" word. I'm just hoping enough of the people on the fence can be convinced that an anti-terrorism surveillance program that violates human rights and privacy around the globe and has zero documented successes (and multiple failures, Boston marathon bombings, etc) is just plain wrong.

James Bamford wrote a large, thick book called The Puzzle Palace about the NSA over 20 years ago. It's mission and basic methodologies have been PUBLIC INFORMATION since then. As for other intelligence agencies, their roles and responsibilities and what they do to accomplish their mission - books, articles and papers have been written for decades and decades on that topic.

NSA and partners have had the entire planet's comms under surveillance since the 70s, and it's been known that this is so for AT LEAST the last 20 years. Cyber surveillance and cyber war are not new topics, and have been important issues since at least the 90s, though little has been done (at least publicly).

Snowden said he wanted a public debate, but to get that debate - one the public hasn't given a shit about for over 20 years now - he's had to blow large portions of the NSA's operations out of the water. And it's not just 'the war on terror' that the NSA has a role to perform. And what debate is going to happen? What even are the sides of the debate? You have the once-smart Ars community openly discussing going Amish, other's saying that the only good government is a dead one, etc..... Do you think the US media is going to host that debate? Has it ever hosted a meaningful public debate?

Seriously, what did Snowden think he was doing, if it simply wasn't sabotage?

Because none have been produced, despite repeated requests from congress and elsewhere?

At some point the 'This is too secret for the unwashed masses to understand' excuse loses its last shred of credibility. It really is tantamount to the reply of "Because I say so" to a serious question.

Btw, everyone's happy with the Russians, Chinese (etc) all doing this too right? Because unlike the US gubmint, which clearly hates its own citizens, the KGB thugs and the chicoms clearly have your best interests at heart....

Two wrongs are still wrongs

It is a shame we have to stoop to this level just to keep ahead of the espionage game, where we can no longer trust hardware manufacturers not have to their stuff fiddled with and loaded with backdoors...

... though I do recall all the stuff with industrial equipment being left with hardcoded passwords and default settings. Maybe we shouldn't trust them at all?

I don't think anyone is asking for every single bust related to the metadata sweep. But just one credible report -- once that demonstrates the information obtained could NOT have been obtained, for whatever reason, by getting a warrant -- would be nice.

I don't believe our gov't would want to put focus on the fact that they're taking information without a warrant. Most of the public didn't even realize this was occurring and those that did know weren't loud enough, including Congress. Our gov't knew they didn't have to answer any of these requests and they'd get away with it. And currently, they still are unless something significant happens.

"New corporate policy: All new hardware to be reflashed with manufacturer's firmware upon arrival"

We're going to need signed open source code, with a live distributed verification / trust checking scheme (so no single entity can publish fake signatures). We have every reason to NOT TRUST everything we can't see and inspect ourselves. Of course, if companies want to do open firmware, great, I'll be glad to buy.